Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Wallpaper changed ; 'Dial up' Box got disabled

Post by P;3 » July 18th, 2009, 4:38 am

When someone has the time could they please check this out?

On my Windows 98SE BT Broadband computer, on ADSL Modem, running Avast 4 Home, Superantispyware installed but not on Real Time Protection

I was on a forum trying to do a link to another site and had to log off very quickly due to a caller at my front door; thought nothing of it until I restarted my computer and noticed a blob thingi in the middle of my Desktop which appeared to be the blob of the icon I had been working on on the forum

A prompt from another forum suggested my Desktop wallpaper may have changed so I checked this and noticed that had happened ; I have since changed it back to what I want

Then I noticed when I click on my Desktop shortcut to the IE6 Browser it did NOT bring up the usual Dial up box; I have since gone to my Tools/Internet Options/Always Dial my Default Connection (the latter was NOT activated or had got somehow altered); I have rechecked the Box to enable the Dial up box to appear, the Dial up box now appears

This may all just be completely coincidental but I would appreciate a health check

Today's Avast 4 Home computer scan runs clean
My Scan Disc ran clear

Thanks in advance for your look-see; this is my HJT scan report from today
Also for some strange reason I cannot open

http://www.statcounter.com/
( I get 'cannot find server')

(Even in my Netscape browser I cannot open that site either)

I will be checking THIS issue out with my ISP



Logfile of HijackThis v1.99.1
Scan saved at 09:34:53, on 18/07/09
Platform: Windows 98 SE (Win9x 4.10.2222A)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\WINDOWS\SYSTEM\MSTASK.EXE
C:\WINDOWS\SYSTEM\KB891711\KB891711.EXE
C:\WINDOWS\SYSTEM\KB918547\KB918547.EXE
C:\PROGRAM FILES\ALWIL SOFTWARE\AVAST4\ASHSERV.EXE
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\SYSTEM\RPCSS.EXE
C:\WINDOWS\SYSTEM\SYSTRAY.EXE
C:\WINDOWS\SYSTEM\STIMON.EXE
C:\WINDOWS\SYSTEM\DSLAGENT.EXE
C:\WINDOWS\SYSTEM\GSICON.EXE
C:\WINDOWS\TASKMON.EXE
C:\WINDOWS\TPPALDR.EXE
C:\WINDOWS\LOADQM.EXE
C:\PROGRAM FILES\ALWIL SOFTWARE\AVAST4\ASHWEBSV.EXE
C:\PROGRAM FILES\ALWIL SOFTWARE\AVAST4\ASHMAISV.EXE
C:\WINDOWS\SYSTEM\WMIEXE.EXE
C:\WINDOWS\SYSTEM\PSTORES.EXE
C:\WINDOWS\SYSTEM\DDHELP.EXE
C:\WINDOWS\SYSTEM\RNAAPP.EXE
C:\WINDOWS\SYSTEM\TAPISRV.EXE
C:\WINDOWS\SYSTEM\SPOOL32.EXE
C:\WINDOWS\SYSTEM\HPZSTATX.EXE
C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE
C:\HJTHIS\HIJACKTHIS.EXE

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = index.php
F1 - win.ini: run=C:\WINDOWS\hpfsched.exe
N3 - Netscape 7: user_pref("browser.search.defaultengine", "engine://C%3A%5CPROGRAM%20FILES%5CNETSCAPE%5CNETSCAPE%5Csearchplugins%5CSBWeb_01.src"); (C:\WINDOWS\Application Data\Mozilla\Profiles\default\i4l3nxwx.slt\prefs.js)
O2 - BHO: Guard-IE - {D2F719F3-106A-402B-9996-3A5B12ACA564} - C:\PROGRAM FILES\FAILSAFE\GUARDIE\PNIE.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_12\bin\ssv.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\PROGRAM FILES\ADOBE\ACROBAT 6.0\READER\ACTIVEX\ACROIEHELPER.DLL
O3 - Toolbar: Guard-IE - {37C8204D-97C3-4127-BB28-1BFF3FA2F7DA} - C:\PROGRAM FILES\FAILSAFE\GUARDIE\PNIE.DLL
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX
O4 - HKLM\..\Run: [ScanRegistry] C:\WINDOWS\scanregw.exe /autorun
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\Run: [StillImageMonitor] C:\WINDOWS\SYSTEM\STIMON.EXE
O4 - HKLM\..\Run: [DSLAGENTEXE] dslagent.exe USB
O4 - HKLM\..\Run: [GSICONEXE] GSICON.EXE
O4 - HKLM\..\Run: [RemHelp] remhelp.exe
O4 - HKLM\..\Run: [TaskMonitor] C:\WINDOWS\taskmon.exe
O4 - HKLM\..\Run: [TPP Auto Loader] C:\WINDOWS\TPPALDR.EXE
O4 - HKLM\..\Run: [LoadQM] loadqm.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\WINDOWS\SYSTEM\QTTASK.EXE" -atboottime
O4 - HKLM\..\Run: [avast! Web Scanner] C:\PROGRA~1\ALWILS~1\AVAST4\ASHWEBSV.EXE
O4 - HKLM\..\Run: [ashMaiSv] C:\PROGRA~1\ALWILS~1\AVAST4\ashmaisv.exe
O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\RunServices: [SchedulingAgent] mstask.exe
O4 - HKLM\..\RunServices: [KB891711] C:\WINDOWS\SYSTEM\KB891711\KB891711.EXE
O4 - HKLM\..\RunServices: [KB918547] C:\WINDOWS\SYSTEM\KB918547\KB918547.EXE
O4 - HKLM\..\RunServices: [avast!] C:\Program Files\Alwil Software\Avast4\ashServ.exe
O4 - HKCU\..\Run: [PPWebCap] C:\PROGRA~1\SCANSOFT\PAPERP~1\PPWebCap.exe
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\PROGRAM FILES\SUPERANTISPYWARE\SUPERANTISPYWARE.EXE
O4 - Startup: BT Broadband Help.lnk = C:\Program Files\BT Broadband\Help\bin\matcli.exe
O4 - Startup: InterVideo WinCinema Manager.lnk = C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
O4 - Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O8 - Extra context menu item: Check &Spelling - res://C:\PROGRAM FILES\IESPELL\IESPELL.DLL/SPELLCHECK.HTM
O8 - Extra context menu item: &ieSpell Options - res://C:\PROGRAM FILES\IESPELL\IESPELL.DLL/SPELLOPTION.HTM
O9 - Extra button: @C:\PROGRAM FILES\FAILSAFE\GUARDIE\PNIE.DLL,-100 - {BDD75188-2FC0-4099-909F-AA8D432BE037} - C:\PROGRAM FILES\FAILSAFE\GUARDIE\PNIE.DLL
O9 - Extra 'Tools' menuitem: @C:\PROGRAM FILES\FAILSAFE\GUARDIE\PNIE.DLL,-100 - {BDD75188-2FC0-4099-909F-AA8D432BE037} - C:\PROGRAM FILES\FAILSAFE\GUARDIE\PNIE.DLL
O9 - Extra button: ieSpell - {0E17D5B7-9F5D-4fee-9DF6-CA6EE38B68A8} - C:\PROGRAM FILES\IESPELL\IESPELL.DLL
O9 - Extra 'Tools' menuitem: ieSpell - {0E17D5B7-9F5D-4fee-9DF6-CA6EE38B68A8} - C:\PROGRAM FILES\IESPELL\IESPELL.DLL
O9 - Extra button: (no name) - {1606D6F9-9D3B-4aea-A025-ED5B2FD488E7} - C:\PROGRAM FILES\IESPELL\IESPELL.DLL
O9 - Extra 'Tools' menuitem: ieSpell Options - {1606D6F9-9D3B-4aea-A025-ED5B2FD488E7} - C:\PROGRAM FILES\IESPELL\IESPELL.DLL
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRAM FILES\JAVA\JRE1.5.0_12\BIN\SSV.DLL
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRAM FILES\JAVA\JRE1.5.0_12\BIN\SSV.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\WINDOWS\SYSTEM\SHDOCVW.DLL
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\WINDOWS\SYSTEM\SHDOCVW.DLL
O15 - Trusted Zone: http://www.statcounter.com
O16 - DPF: {11260943-421B-11D0-8EAC-0000C07D88CF} (iPIX ActiveX Control) - http://www.ipix.com/download/ipixx.cab
O16 - DPF: {C2FCEF52-ACE9-11D3-BEBD-00105AA9B6AE} (Symantec RuFSI Registry Information Class) - http://security.symantec.com/sscv6/Shar ... /cabsa.cab
O16 - DPF: {EB387D2F-E27B-4D36-979E-847D1036C65D} (QDiagHUpdateObj Class) - http://h30043.www3.hp.com/hpdj/en/check/qdiagh.cab?319
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2005 ... scan53.cab
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/Shar ... vSniff.cab
O16 - DPF: {1803B9EF-9905-4F34-AFC4-05D1BAB28801} (RegUserCfgUI Class) - http://us.dl1.yimg.com/download.yahoo.c ... egucfg.cab
O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} (Office Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=58813
O16 - DPF: {8FD68625-2346-418A-8899-67CB36B1917F} (McciSM Class) - http://help.broadbandassist.com/prequal/BTPreQual.cab

Many thanks :D
P;3
Regular Member
 
Posts: 664
Joined: May 28th, 2005, 5:02 am

Re: Wallpaper changed ; 'Dial up' Box got disabled

Post by MWR 3 day Mod » July 21st, 2009, 2:17 pm

Hi,

We are sorry to see your topic is over three days old and no one has yet been able to respond and offer help.

If you still require assistance, please post a link to your topic in our Waiting for help with malware removal? forum, and our staff will make an effort to assist you as promptly as possible. Only post a LINK to this topic, DO NOT post your DDS log!

Please do not reply to this topic.

If you haven't posted within two days in the "Waiting for help with malware removal?" forum, we will assume you have been able to get assistance in other ways and this topic will be closed.
MWR 3 day Mod
MRU Undergrad
 
Posts: 2534
Joined: April 4th, 2008, 8:40 am

Re: Wallpaper changed ; 'Dial up' Box got disabled

Post by Dakeyras » July 22nd, 2009, 9:43 am

Please note that all instructions given are customised for this computer only, the tools used may cause damage if used on a computer with different infections.

If you think you have similar problems, please post a log in the HJT forum and wait for help.

Hi P;3 :)

I'm Dakeyras and I am going to try to assist you with your problem. Please take note of the below:

  • I will start working on your malware issues; this may or may not solve other issues you have with your machine.
  • The fixes are specific to your problem and should only be used for this issue on this machine!
  • The process is not instant. Please continue to review my answers until I tell you your machine is clear. Absence of symptoms does not mean that everything is clear.
  • If you don't know, stop and ask! Don't keep going on.
  • Please reply to this thread. Do not start a new topic.
  • Refrain from running self fixes as this will hinder the malware removal process.
  • It may prove beneficial if you print off the following instructions or save them to notepad as I post them.
  • Your security programs may give warnings for some of the tools I will ask you to use. Be assured, any links I give are safe.

Windows 98 no longer supported:

End of support for Windows 98 and Windows Me
July 11, 2006 will bring a close to Extended Support for Windows 98, Windows 98 Second Edition, and Windows Me as part of the Microsoft Lifecycle Policy. Microsoft will retire public and technical support, including security updates, by this date.
Source

You may be aware of this or not. Since this operating system is no longer supported by Microsoft and no critical updates are available whatsoever, using this machine online is very hazardous to say the least.

My advice would be to either upgrade the current operating system to at least XP Service Pack 2 or stop using this machine online and keep it as an offline workstation only.

SUPERAntiSpyware Advice:

CAUTION: SuperAntiSpyware comes with a programme called Bootsafe, do not for any reason use this programme, if used on an infected computer it could render it UNBOOTABLE.

DelDomains:

Right click Here and select Save As to download WinHelp2002's DelDomains.inf. Please save the file somewhere you can find it like on the desktop. To run the inf file, right click on it and select Install.

Rename HijackThis.exe:

I honestly do not think doing this will reveal anything of a malicious nature but please do so as a precaution. Plus no need to update HijackThis as the present version installed is adequate for Windows 98.

  • Using Windows Explorer, by right-clicking the Start button and left-clicking Explore, navigate to:

    C:\HJTHIS\HIJACKTHIS.EXE

  • Right-click on HijackThis.exe & select Rename to P3.exe
  • After you have renamed HijackThis, right-click on it and select Send To >> Desktop (create shortcut)

Next:

I would like to view a list of currently installed software applications on your PC. How to provide it is as follows:

Run HijackThis (now renamed P3.exe) and click on Open the Misc Tools section.

  • Click Open Uninstall Manager...
  • Click Save list... and save it to your Desktop.
  • Copy and paste the file uninstall_list.txt into your next reply.

When completed the above, please post back the following in the order asked for:

  • How is your computer performing now, any further symptoms and or problems encountered?
  • Uninstall List.
  • A new HijackThis Log.
Dakeyras
MRU Honors Graduate
 
Posts: 8804
Joined: November 21st, 2007, 5:30 am
Location: The Tundra

Re: Wallpaper changed ; 'Dial up' Box got disabled

Post by P;3 » July 23rd, 2009, 4:44 pm

Thanks for the info on the Boot Safe 'option' in Superantispyware; for others who read this thread I did note http://www.superantispyware.com/WebHelp ... _Mode_.htm


and a google search makes interesting reading ....
I am aware of the limitations OF Windows 98SE but it currently serves my purposes :mrgreen:

The requested reports are

uninstall list ,,,,

Adobe Acrobat - Reader 6.0.2 Update
Adobe Acrobat and Reader 6.0.3 Update
Adobe Acrobat and Reader 6.0.4 Update
Adobe Acrobat and Reader 6.0.5 Update
Adobe Acrobat and Reader 6.0.6 Update
Adobe Flash Player 9 ActiveX
Adobe Flash Player ActiveX
Adobe Reader 6.0.1
avast! Antivirus
Belarc Advisor 6.1
BT Broadband Help
BT Voyager ADSL Modem
Conexant HCF V.92 56K Speakerphone PCI Modem
Guard-IE V3.4
HijackThis 1.99.1
HP DeskJet 840C Series (Remove only)
ieSpell 2.0.1 (build 325)
Internet Explorer Q903235
Internet Explorer Q916281
InterVideo WinDVD 4
Iomega App Services
J2SE Runtime Environment 5.0 Update 12
Java 2 Runtime Environment, SE v1.4.1_02
Java Web Start
LiveReg (Symantec Corporation)
LiveUpdate 2.5 (Symantec Corporation)
MailWasher
Microsoft Data Access Components KB870669
Microsoft FrontPage Express
Microsoft Internet Explorer 6 SP1 and Internet Tools
Microsoft Office 2000 Premium
Microsoft Outlook Express 6
Microsoft VGX Q833989
Microsoft Web Publishing Wizard 1.6
Mozilla Firefox (1.0.2)
NetMeeting 3.01
Netscape (7.2)
NVIDIA Windows 95/98/ME Display Drivers
Outlook Express Q837009
PaperPort 7.02
QuickTime
SoftWriting 4.0
SUPERAntiSpyware Free Edition
TaskInfo2003 5.0.0.94
USB Storage Adapter V3 (TPP)
Visioneer 4800 USB
Windows 98 KB891711 Update
Windows 98 KB896358 Update
Windows 98 KB908519 Update
Windows 98 KB918547 Update
Windows 98 Q823559 Update
Windows 98 Q840315 Update
Windows 98 Q888113 Update
Windows 98 Q890175 Update
Windows Media Player 7.1
WinZip



New HJT log renamed as requested
Logfile of HijackThis v1.99.1
Scan saved at 21:20:13, on 23/07/09
Platform: Windows 98 SE (Win9x 4.10.2222A)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\WINDOWS\SYSTEM\MSTASK.EXE
C:\WINDOWS\SYSTEM\KB891711\KB891711.EXE
C:\WINDOWS\SYSTEM\KB918547\KB918547.EXE
C:\PROGRAM FILES\ALWIL SOFTWARE\AVAST4\ASHSERV.EXE
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\SYSTEM\RNAAPP.EXE
C:\WINDOWS\SYSTEM\TAPISRV.EXE
C:\WINDOWS\SYSTEM\SYSTRAY.EXE
C:\WINDOWS\SYSTEM\STIMON.EXE
C:\WINDOWS\SYSTEM\DSLAGENT.EXE
C:\WINDOWS\SYSTEM\GSICON.EXE
C:\WINDOWS\TASKMON.EXE
C:\WINDOWS\TPPALDR.EXE
C:\WINDOWS\LOADQM.EXE
C:\PROGRAM FILES\ALWIL SOFTWARE\AVAST4\ASHWEBSV.EXE
C:\PROGRAM FILES\ALWIL SOFTWARE\AVAST4\ASHMAISV.EXE
C:\WINDOWS\SYSTEM\RPCSS.EXE
C:\WINDOWS\SYSTEM\WMIEXE.EXE
C:\PROGRAM FILES\MAILWASHER\MAILWASHER.EXE
C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE
C:\WINDOWS\SYSTEM\SPOOL32.EXE
C:\WINDOWS\SYSTEM\DDHELP.EXE
C:\PROGRAM FILES\MICROSOFT OFFICE\OFFICE\WINWORD.EXE
C:\WINDOWS\MSAGENT\AGENTSVR.EXE
C:\HJTHIS\P3.EXE

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = index.php
F1 - win.ini: run=C:\WINDOWS\hpfsched.exe
N3 - Netscape 7: user_pref("browser.search.defaultengine", "engine://C%3A%5CPROGRAM%20FILES%5CNETSCAPE%5CNETSCAPE%5Csearchplugins%5CSBWeb_01.src"); (C:\WINDOWS\Application Data\Mozilla\Profiles\default\i4l3nxwx.slt\prefs.js)
O2 - BHO: Guard-IE - {D2F719F3-106A-402B-9996-3A5B12ACA564} - C:\PROGRAM FILES\FAILSAFE\GUARDIE\PNIE.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_12\bin\ssv.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\PROGRAM FILES\ADOBE\ACROBAT 6.0\READER\ACTIVEX\ACROIEHELPER.DLL
O3 - Toolbar: Guard-IE - {37C8204D-97C3-4127-BB28-1BFF3FA2F7DA} - C:\PROGRAM FILES\FAILSAFE\GUARDIE\PNIE.DLL
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX
O4 - HKLM\..\Run: [ScanRegistry] C:\WINDOWS\scanregw.exe /autorun
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\Run: [StillImageMonitor] C:\WINDOWS\SYSTEM\STIMON.EXE
O4 - HKLM\..\Run: [DSLAGENTEXE] dslagent.exe USB
O4 - HKLM\..\Run: [GSICONEXE] GSICON.EXE
O4 - HKLM\..\Run: [RemHelp] remhelp.exe
O4 - HKLM\..\Run: [TaskMonitor] C:\WINDOWS\taskmon.exe
O4 - HKLM\..\Run: [TPP Auto Loader] C:\WINDOWS\TPPALDR.EXE
O4 - HKLM\..\Run: [LoadQM] loadqm.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\WINDOWS\SYSTEM\QTTASK.EXE" -atboottime
O4 - HKLM\..\Run: [avast! Web Scanner] C:\PROGRA~1\ALWILS~1\AVAST4\ASHWEBSV.EXE
O4 - HKLM\..\Run: [ashMaiSv] C:\PROGRA~1\ALWILS~1\AVAST4\ashmaisv.exe
O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\RunServices: [SchedulingAgent] mstask.exe
O4 - HKLM\..\RunServices: [KB891711] C:\WINDOWS\SYSTEM\KB891711\KB891711.EXE
O4 - HKLM\..\RunServices: [KB918547] C:\WINDOWS\SYSTEM\KB918547\KB918547.EXE
O4 - HKLM\..\RunServices: [avast!] C:\Program Files\Alwil Software\Avast4\ashServ.exe
O4 - HKCU\..\Run: [PPWebCap] C:\PROGRA~1\SCANSOFT\PAPERP~1\PPWebCap.exe
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\PROGRAM FILES\SUPERANTISPYWARE\SUPERANTISPYWARE.EXE
O4 - Startup: BT Broadband Help.lnk = C:\Program Files\BT Broadband\Help\bin\matcli.exe
O4 - Startup: InterVideo WinCinema Manager.lnk = C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
O4 - Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O8 - Extra context menu item: Check &Spelling - res://C:\PROGRAM FILES\IESPELL\IESPELL.DLL/SPELLCHECK.HTM
O8 - Extra context menu item: &ieSpell Options - res://C:\PROGRAM FILES\IESPELL\IESPELL.DLL/SPELLOPTION.HTM
O9 - Extra button: @C:\PROGRAM FILES\FAILSAFE\GUARDIE\PNIE.DLL,-100 - {BDD75188-2FC0-4099-909F-AA8D432BE037} - C:\PROGRAM FILES\FAILSAFE\GUARDIE\PNIE.DLL
O9 - Extra 'Tools' menuitem: @C:\PROGRAM FILES\FAILSAFE\GUARDIE\PNIE.DLL,-100 - {BDD75188-2FC0-4099-909F-AA8D432BE037} - C:\PROGRAM FILES\FAILSAFE\GUARDIE\PNIE.DLL
O9 - Extra button: ieSpell - {0E17D5B7-9F5D-4fee-9DF6-CA6EE38B68A8} - C:\PROGRAM FILES\IESPELL\IESPELL.DLL
O9 - Extra 'Tools' menuitem: ieSpell - {0E17D5B7-9F5D-4fee-9DF6-CA6EE38B68A8} - C:\PROGRAM FILES\IESPELL\IESPELL.DLL
O9 - Extra button: (no name) - {1606D6F9-9D3B-4aea-A025-ED5B2FD488E7} - C:\PROGRAM FILES\IESPELL\IESPELL.DLL
O9 - Extra 'Tools' menuitem: ieSpell Options - {1606D6F9-9D3B-4aea-A025-ED5B2FD488E7} - C:\PROGRAM FILES\IESPELL\IESPELL.DLL
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRAM FILES\JAVA\JRE1.5.0_12\BIN\SSV.DLL
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRAM FILES\JAVA\JRE1.5.0_12\BIN\SSV.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\WINDOWS\SYSTEM\SHDOCVW.DLL
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\WINDOWS\SYSTEM\SHDOCVW.DLL
O16 - DPF: {11260943-421B-11D0-8EAC-0000C07D88CF} (iPIX ActiveX Control) - http://www.ipix.com/download/ipixx.cab
O16 - DPF: {C2FCEF52-ACE9-11D3-BEBD-00105AA9B6AE} (Symantec RuFSI Registry Information Class) - http://security.symantec.com/sscv6/Shar ... /cabsa.cab
O16 - DPF: {EB387D2F-E27B-4D36-979E-847D1036C65D} (QDiagHUpdateObj Class) - http://h30043.www3.hp.com/hpdj/en/check/qdiagh.cab?319
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2005 ... scan53.cab
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/Shar ... vSniff.cab
O16 - DPF: {1803B9EF-9905-4F34-AFC4-05D1BAB28801} (RegUserCfgUI Class) - http://us.dl1.yimg.com/download.yahoo.c ... egucfg.cab
O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} (Office Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=58813
O16 - DPF: {8FD68625-2346-418A-8899-67CB36B1917F} (McciSM Class) - http://help.broadbandassist.com/prequal/BTPreQual.cab



Since posting my request I have run a full deep computer scan with updated definitions of Superantispyware

an ON line scan from Trend Micro

a deep scan with Avast 4 Home

all appear to be clean


I have today taken on an update for, I think it was, Adobe Flash (?)

It DID occur to me that, some while ago (before this recent problem came to light) I rather misguidedly downloaded the Stop zilla 'program', thinking it was a recommended program; I ran it briefly and got inundated with aggressive pop ups telling me I had a massive infection; I disabled it and attempted to uninstall it via Add/Remove programs

Unfortunately its Program Files Folder (which is hopefully empty) is still sitting in my C Drive and loads up at Boot up

As far as I am aware my computer appears to be clean

Of interest, this computer has previously had Norton Antivirus installed on it but I believe it has been hopefully completely removed so cannot be causing any conflicts?

I also had to recently uninstall AVG7.5 Antivirus program as its support for us and the program per se was withdrawn



I hope this is the information you require ??
How are we doing ? :?:
P;3
Regular Member
 
Posts: 664
Joined: May 28th, 2005, 5:02 am
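
Each round of this thread ends with a request for a new HijackThis log, and the useful signal is what changed between two logs. The following is an added example, not part of the original thread: a small parser and diff for the log format shown above. The function names `parse_hjt` and `diff_logs` are hypothetical, and the two sample logs are shortened excerpts of the July 18th and July 23rd logs posted above.

```python
import re

# Section entries look like "O4 - HKLM\..\Run: [name] file" or "O15 - Trusted Zone: url".
ENTRY_RE = re.compile(r"^([A-Z]\d{1,2}) - (.+)$")
SAVED_RE = re.compile(r"^Scan saved at (\S+), on (\S+)$")

# Shortened excerpts of the two logs in this thread (most lines omitted).
FIRST_LOG = r"""Logfile of HijackThis v1.99.1
Scan saved at 09:34:53, on 18/07/09
Platform: Windows 98 SE (Win9x 4.10.2222A)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\PROGRAM FILES\ALWIL SOFTWARE\AVAST4\ASHSERV.EXE
C:\WINDOWS\SYSTEM\PSTORES.EXE
C:\HJTHIS\HIJACKTHIS.EXE

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = index.php
F1 - win.ini: run=C:\WINDOWS\hpfsched.exe
O4 - HKLM\..\Run: [RemHelp] remhelp.exe
O15 - Trusted Zone: http://www.statcounter.com
"""

SECOND_LOG = r"""Logfile of HijackThis v1.99.1
Scan saved at 21:20:13, on 23/07/09
Platform: Windows 98 SE (Win9x 4.10.2222A)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\PROGRAM FILES\ALWIL SOFTWARE\AVAST4\ASHSERV.EXE
C:\PROGRAM FILES\MAILWASHER\MAILWASHER.EXE
C:\HJTHIS\P3.EXE

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = index.php
F1 - win.ini: run=C:\WINDOWS\hpfsched.exe
O4 - HKLM\..\Run: [RemHelp] remhelp.exe
"""


def parse_hjt(text):
    """Split a HijackThis log into header metadata, running processes and
    section entries. Items are keyed by their lower-cased text because
    Win9x reports the same path in mixed case from one line to the next."""
    log = {"meta": {}, "processes": {}, "entries": {}}
    in_processes = False
    for raw in text.splitlines():
        line = raw.strip()
        if not line:                      # a blank line ends the process list
            in_processes = False
            continue
        entry = ENTRY_RE.match(line)
        saved = SAVED_RE.match(line)
        if entry:
            in_processes = False
            code, value = entry.groups()
            log["entries"].setdefault(code, {})[value.lower()] = value
        elif line == "Running processes:":
            in_processes = True
        elif in_processes:
            log["processes"][line.lower()] = line
        elif saved:
            log["meta"]["saved"] = (saved.group(2), saved.group(1))  # (date, time)
        elif line.startswith(("Platform:", "MSIE:")):
            key, _, value = line.partition(":")
            log["meta"][key] = value.strip()
    return log


def _only_in(a, b):
    """Original-case items present in mapping a but missing from mapping b."""
    return [a[key] for key in sorted(a) if key not in b]


def diff_logs(old, new):
    """Report entries and processes that appear in only one of two parsed logs."""
    result = {"removed": {}, "added": {}}
    for code in sorted(set(old["entries"]) | set(new["entries"])):
        before = old["entries"].get(code, {})
        after = new["entries"].get(code, {})
        gone = _only_in(before, after)
        fresh = _only_in(after, before)
        if gone:
            result["removed"][code] = gone
        if fresh:
            result["added"][code] = fresh
    result["procs_gone"] = _only_in(old["processes"], new["processes"])
    result["procs_started"] = _only_in(new["processes"], old["processes"])
    return result


if __name__ == "__main__":
    changes = diff_logs(parse_hjt(FIRST_LOG), parse_hjt(SECOND_LOG))
    for section, items in changes.items():
        print(section, "->", items)
```

On these excerpts the only section entry that differs is the O15 Trusted Zone line, which is absent from the log taken after the DelDomains.inf step; the process changes include the scanner itself, renamed from HIJACKTHIS.EXE to P3.EXE.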

Re: Wallpaper changed ; 'Dial up' Box got disabled

Post by Dakeyras » July 23rd, 2009, 5:53 pm

Hi :)

Thanks for the info on the Boot Safe 'option' in Superantispyware;
You're welcome!

I am aware of the limitations OF Windows 98SE but it currently serves my purposes
Fair play but I would actually call it a liability to be quite honest but since you are aware ;)

A lot of the installed applications are out of date but not a lot we can do update wise as the newer versions are no longer Windows 98 compatible. So these will always be a security risk also when using your machine online.

I have today taken on an update for, I think it was, Adobe Flash (?)
Yes it appears the version that is still W98 compatible is installed.

Of interest, this computer has previously had Norton Antivirus installed on it but I believe it has been hopefully completely removed so cannot be causing any conflicts?
I am not seeing any indication of leftovers but HijackThis with W98 provides limited information. For peace of mind if you so wish run this removal tool, it will not cause any harm to your system.

Norton Uninstaller:

Please click here and follow the instructions to download and run the norton removal tool for the version that was installed.

Windows Installer Cleanup Utility:

Download the Windows Installer Cleanup Utility and save it to your Desktop.

  • Double-click msicuu2.exe to install the utility.
  • Next, click Start >> All Programs >> Windows Install Clean UP
  • Once the program is open select:

    STOPzilla (If present)

  • Any other entry relating to software applications no longer installed.
  • Now click Remove, then click OK
  • Reboot your computer.

Next:

Using Windows Explorer (to get there right-click your Start button and go to "Explore"), please delete this folder (if present):

C:\Program Files\STOPzilla

Disk Cleanup:

Next click Start >> Run and type cleanmgr in the box and press OK.

  • Wait a few seconds while the hard-drive prepares itself.
  • In the Select Drive window that appears choose (C:) in the drop down menu.
  • Now click on OK.
  • Ensure the boxes for Temporary Files, Temporary Internet Files and Recycle Bin are checked.
  • You can choose to check other boxes if you wish but they are not required.
  • At the prompt select Yes.
  • Now Reboot (restart) your computer.

ESET Online Scanner:

Note: You can use either Internet Explorer or Mozilla FireFox for this scan.

This is W98 compatible, I checked it yesterday in anticipation of asking for this scan.

  • Please go here then click on: Image
    Note: If using Mozilla Firefox you will need to download esetsmartinstaller_enu.exe when prompted then double click on it to install.
    All of the below instructions are compatible with either Internet Explorer or Mozilla FireFox.
  • Select the option YES, I accept the Terms of Use then click on: Image
  • When prompted allow the Add-On/Active X to install.
  • Make sure that the option Remove found threats is NOT checked, and the option Scan archives is checked.
  • Now click on Advanced Settings and select the following:
  1. Scan for potentially unwanted applications
  2. Scan for potentially unsafe applications
  3. Enable Anti-Stealth Technology
  • Now click on: Image
  • The virus signature database... will begin to download. Be patient, this may take some time depending on the speed of your Internet Connection.
  • When completed the Online Scan will begin automatically.
  • Do not touch either the Mouse or keyboard during the scan otherwise it may stall.
  • When completed select Uninstall application on close if you so wish, make sure you copy the logfile first!
  • Now click on: Image
  • Use notepad to open the logfile located at C:\Program Files\ESET\EsetOnlineScanner\log.txt.
  • Copy and paste that log as a reply to this topic.

When completed the above, please post back the following in the order asked for:

  • How is your computer performing now, any further symptoms and or problems encountered?
  • ESET Log.
  • A new HijackThis Log.
Dakeyras
MRU Honors Graduate
 
Posts: 8804
Joined: November 21st, 2007, 5:30 am
Location: The Tundra

Re: Wallpaper changed ; 'Dial up' Box got disabled

Post by P;3 » July 25th, 2009, 6:53 am

I have started on your instructions but met a problem

Sorry but I cannot load the Windows Installer Cleanup Utility:

I will try to get the image posted of the error message I see I have the exe on my Desktop but that is as far as it will let me go with it

There you go :cheers:
Image
P;3
Regular Member
 
Posts: 664
Joined: May 28th, 2005, 5:02 am

Re: Wallpaper changed ; 'Dial up' Box got disabled

Post by P;3 » July 25th, 2009, 2:05 pm

Just to add a point;

In my Exploration OF StopZilla (currently still on the computer) I note the file swin32z.sys is in that folder and my search for info on that I find

http://www.siteadvisor.com/sites/stopzi ... s/1150087/

As to Norton I have no idea what I had on here but I note Symantec Live Update Icon in my Control Panel; unless it is vital I remove it I will leave it there

I will not attempt any further steps until I get your feedback on my problem with the Windows Installer Cleanup Utility
>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
Forgot to say

Thanks for 'volunteering' to help with this admittedly old OS :roll:
P;3
Regular Member
 
Posts: 664
Joined: May 28th, 2005, 5:02 am

Re: Wallpaper changed ; 'Dial up' Box got disabled

Post by Dakeyras » July 25th, 2009, 5:20 pm

Hi :)

Sorry for the delay replying, had a hectic day.

Just proceed to the below instructions please, thank you.

Next:

Using Windows Explorer (to get there right-click your Start button and go to "Explore"), please delete this folder (if present):

C:\Program Files\STOPzilla

Disk Cleanup:

Next click Start >> Run and type cleanmgr in the box and press OK.

  • Wait a few seconds while the hard-drive prepares itself.
  • In the Select Drive window that appears choose (C:) in the drop down menu.
  • Now click on OK.
  • Ensure the boxes for Temporary Files, Temporary Internet Files and Recycle Bin are checked.
  • You can choose to check other boxes if you wish but they are not required.
  • At the prompt select Yes.
  • Now Reboot (restart) your computer.

ESET Online Scanner:

Note: You can use either Internet Explorer or Mozilla FireFox for this scan.

This is W98 compatible, I checked it yesterday in anticipation of asking for this scan.

  • Please go here then click on: Image
    Note: If using Mozilla Firefox you will need to download esetsmartinstaller_enu.exe when prompted then double click on it to install.
    All of the below instructions are compatible with either Internet Explorer or Mozilla FireFox.
  • Select the option YES, I accept the Terms of Use then click on: Image
  • When prompted allow the Add-On/Active X to install.
  • Make sure that the option Remove found threats is NOT checked, and the option Scan archives is checked.
  • Now click on Advanced Settings and select the following:
  1. Scan for potentially unwanted applications
  2. Scan for potentially unsafe applications
  3. Enable Anti-Stealth Technology
  • Now click on: Image
  • The virus signature database... will begin to download. Be patient, this may take some time depending on the speed of your Internet Connection.
  • When completed the Online Scan will begin automatically.
  • Do not touch either the Mouse or keyboard during the scan otherwise it may stall.
  • When completed select Uninstall application on close if you so wish, make sure you copy the logfile first!
  • Now click on: Image
  • Use notepad to open the logfile located at C:\Program Files\ESET\EsetOnlineScanner\log.txt.
  • Copy and paste that log as a reply to this topic.

When completed the above, please post back the following in the order asked for:

  • How is your computer performing now, any further symptoms and or problems encountered?
  • ESET Log.
  • A new HijackThis Log.
Dakeyras
MRU Honors Graduate
 
Posts: 8804
Joined: November 21st, 2007, 5:30 am
Location: The Tundra

Re: Wallpaper changed ; 'Dial up' Box got disabled

Post by P;3 » July 26th, 2009, 2:42 am

Sorry for the delay replying, had a hectic day

Thanks but no need to apologise; we all have real lives running outside of forums, myself included, hence my request below about scanner times !!!!!


Before I proceed to remove the STOPzilla Folder my examination within it located an exe item.


Could you kindly confirm for me that this particular exe item, if I remove it, is NOT essential for the running of the computer please.


I had hoped that the folder would be empty but, as you can see from my screen-shot it is not :D
Image

Also; bearing in mind that my Superantispyware full computer scan took me about two hours to run even in Safe mode, do you have a rough estimate on how long I might need to give the Eset on-line scan so I know to be 'doing something else' while it 'does its thing'

am I looking at a few hours or longer ...any ideas please so I know how much time to allow for it and when I CAN do it in my day :?:

Again>>>>>thanks :D
P;3
Regular Member
 
Posts: 664
Joined: May 28th, 2005, 5:02 am

Re: Wallpaper changed ; 'Dial up' Box got disabled

Post by Dakeyras » July 26th, 2009, 4:54 pm

Hi :)

Since STOPzilla is no longer installed it is perfectly safe to delete the program file folder and its contents.
Dakeyras
MRU Honors Graduate
 
Posts: 8804
Joined: November 21st, 2007, 5:30 am
Location: The Tundra

Re: Wallpaper changed ; 'Dial up' Box got disabled

Unread postby P;3 » July 27th, 2009, 3:34 pm

A brief update; I have run the Disk Clean up as directed and I thought I had removed the STOPzilla program; however, having removed the whole Folder and deleted it from the recycle bin, I then notice, on boot up that it still shows in my c/windows program files SOMEWHERE although, when I check my C drive the folder IS gone :mrgreen:

I will next run the Eset Scan; does anyone have any idea about this elusive to completely remove STOPzilla program apart from :hiding: :director: :banghead: shooting it :?:
P;3
Regular Member
 
Posts: 664
Joined: May 28th, 2005, 5:02 am

Re: Wallpaper changed ; 'Dial up' Box got disabled

Unread postby P;3 » July 28th, 2009, 2:15 pm

Sorry but the best I CAN give you from the Eset scan is a screen shot of the result as it refused to load into Notepad and the Notepad link, when I clicked ON it, did not highlight or link to anywhere

Image

and a new HJT log



Logfile of HijackThis v1.99.1
Scan saved at 19:13:20, on 28/07/09
Platform: Windows 98 SE (Win9x 4.10.2222A)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\WINDOWS\SYSTEM\MSTASK.EXE
C:\WINDOWS\SYSTEM\KB891711\KB891711.EXE
C:\WINDOWS\SYSTEM\KB918547\KB918547.EXE
C:\PROGRAM FILES\ALWIL SOFTWARE\AVAST4\ASHSERV.EXE
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\SYSTEM\RNAAPP.EXE
C:\WINDOWS\SYSTEM\TAPISRV.EXE
C:\WINDOWS\SYSTEM\RPCSS.EXE
C:\WINDOWS\SYSTEM\SYSTRAY.EXE
C:\WINDOWS\SYSTEM\STIMON.EXE
C:\WINDOWS\SYSTEM\DSLAGENT.EXE
C:\WINDOWS\SYSTEM\GSICON.EXE
C:\WINDOWS\TASKMON.EXE
C:\WINDOWS\TPPALDR.EXE
C:\WINDOWS\LOADQM.EXE
C:\PROGRAM FILES\ALWIL SOFTWARE\AVAST4\ASHWEBSV.EXE
C:\PROGRAM FILES\ALWIL SOFTWARE\AVAST4\ASHMAISV.EXE
C:\WINDOWS\SYSTEM\WMIEXE.EXE
C:\WINDOWS\SYSTEM\DDHELP.EXE
C:\WINDOWS\SYSTEM\SPOOL32.EXE
C:\WINDOWS\SYSTEM\HPFSTSC0.EXE
C:\WINDOWS\SYSTEM\HPZSTATX.EXE
C:\PROGRAM FILES\MAILWASHER\MAILWASHER.EXE
C:\PROGRAM FILES\OUTLOOK EXPRESS\MSIMN.EXE
C:\WINDOWS\SYSTEM\PSTORES.EXE
C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE
C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE
C:\HJTHIS\P3.EXE

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = index.php
F1 - win.ini: run=C:\WINDOWS\hpfsched.exe
N3 - Netscape 7: user_pref("browser.search.defaultengine", "engine://C%3A%5CPROGRAM%20FILES%5CNETSCAPE%5CNETSCAPE%5Csearchplugins%5CSBWeb_01.src"); (C:\WINDOWS\Application Data\Mozilla\Profiles\default\i4l3nxwx.slt\prefs.js)
O2 - BHO: Guard-IE - {D2F719F3-106A-402B-9996-3A5B12ACA564} - C:\PROGRAM FILES\FAILSAFE\GUARDIE\PNIE.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_12\bin\ssv.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\PROGRAM FILES\ADOBE\ACROBAT 6.0\READER\ACTIVEX\ACROIEHELPER.DLL
O3 - Toolbar: Guard-IE - {37C8204D-97C3-4127-BB28-1BFF3FA2F7DA} - C:\PROGRAM FILES\FAILSAFE\GUARDIE\PNIE.DLL
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX
O4 - HKLM\..\Run: [ScanRegistry] C:\WINDOWS\scanregw.exe /autorun
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\Run: [StillImageMonitor] C:\WINDOWS\SYSTEM\STIMON.EXE
O4 - HKLM\..\Run: [DSLAGENTEXE] dslagent.exe USB
O4 - HKLM\..\Run: [GSICONEXE] GSICON.EXE
O4 - HKLM\..\Run: [RemHelp] remhelp.exe
O4 - HKLM\..\Run: [TaskMonitor] C:\WINDOWS\taskmon.exe
O4 - HKLM\..\Run: [TPP Auto Loader] C:\WINDOWS\TPPALDR.EXE
O4 - HKLM\..\Run: [LoadQM] loadqm.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\WINDOWS\SYSTEM\QTTASK.EXE" -atboottime
O4 - HKLM\..\Run: [avast! Web Scanner] C:\PROGRA~1\ALWILS~1\AVAST4\ASHWEBSV.EXE
O4 - HKLM\..\Run: [ashMaiSv] C:\PROGRA~1\ALWILS~1\AVAST4\ashmaisv.exe
O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\RunServices: [SchedulingAgent] mstask.exe
O4 - HKLM\..\RunServices: [KB891711] C:\WINDOWS\SYSTEM\KB891711\KB891711.EXE
O4 - HKLM\..\RunServices: [KB918547] C:\WINDOWS\SYSTEM\KB918547\KB918547.EXE
O4 - HKLM\..\RunServices: [avast!] C:\Program Files\Alwil Software\Avast4\ashServ.exe
O4 - HKCU\..\Run: [PPWebCap] C:\PROGRA~1\SCANSOFT\PAPERP~1\PPWebCap.exe
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\PROGRAM FILES\SUPERANTISPYWARE\SUPERANTISPYWARE.EXE
O4 - Startup: BT Broadband Help.lnk = C:\Program Files\BT Broadband\Help\bin\matcli.exe
O4 - Startup: InterVideo WinCinema Manager.lnk = C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
O4 - Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O8 - Extra context menu item: Check &Spelling - res://C:\PROGRAM FILES\IESPELL\IESPELL.DLL/SPELLCHECK.HTM
O8 - Extra context menu item: &ieSpell Options - res://C:\PROGRAM FILES\IESPELL\IESPELL.DLL/SPELLOPTION.HTM
O9 - Extra button: @C:\PROGRAM FILES\FAILSAFE\GUARDIE\PNIE.DLL,-100 - {BDD75188-2FC0-4099-909F-AA8D432BE037} - C:\PROGRAM FILES\FAILSAFE\GUARDIE\PNIE.DLL
O9 - Extra 'Tools' menuitem: @C:\PROGRAM FILES\FAILSAFE\GUARDIE\PNIE.DLL,-100 - {BDD75188-2FC0-4099-909F-AA8D432BE037} - C:\PROGRAM FILES\FAILSAFE\GUARDIE\PNIE.DLL
O9 - Extra button: ieSpell - {0E17D5B7-9F5D-4fee-9DF6-CA6EE38B68A8} - C:\PROGRAM FILES\IESPELL\IESPELL.DLL
O9 - Extra 'Tools' menuitem: ieSpell - {0E17D5B7-9F5D-4fee-9DF6-CA6EE38B68A8} - C:\PROGRAM FILES\IESPELL\IESPELL.DLL
O9 - Extra button: (no name) - {1606D6F9-9D3B-4aea-A025-ED5B2FD488E7} - C:\PROGRAM FILES\IESPELL\IESPELL.DLL
O9 - Extra 'Tools' menuitem: ieSpell Options - {1606D6F9-9D3B-4aea-A025-ED5B2FD488E7} - C:\PROGRAM FILES\IESPELL\IESPELL.DLL
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRAM FILES\JAVA\JRE1.5.0_12\BIN\SSV.DLL
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRAM FILES\JAVA\JRE1.5.0_12\BIN\SSV.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\WINDOWS\SYSTEM\SHDOCVW.DLL
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\WINDOWS\SYSTEM\SHDOCVW.DLL
O16 - DPF: {11260943-421B-11D0-8EAC-0000C07D88CF} (iPIX ActiveX Control) - http://www.ipix.com/download/ipixx.cab
O16 - DPF: {C2FCEF52-ACE9-11D3-BEBD-00105AA9B6AE} (Symantec RuFSI Registry Information Class) - http://security.symantec.com/sscv6/Shar ... /cabsa.cab
O16 - DPF: {EB387D2F-E27B-4D36-979E-847D1036C65D} (QDiagHUpdateObj Class) - http://h30043.www3.hp.com/hpdj/en/check/qdiagh.cab?319
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2005 ... scan53.cab
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/Shar ... vSniff.cab
O16 - DPF: {1803B9EF-9905-4F34-AFC4-05D1BAB28801} (RegUserCfgUI Class) - http://us.dl1.yimg.com/download.yahoo.c ... egucfg.cab
O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} (Office Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=58813
O16 - DPF: {8FD68625-2346-418A-8899-67CB36B1917F} (McciSM Class) - http://help.broadbandassist.com/prequal/BTPreQual.cab
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - http://download.eset.com/special/eos/OnlineScanner.cab

I will check them out but the Eset things MAY relate to a Magic Bean Key Finder thingi I have on board which even Trend flagged up

I did note this



Win32/PSWTool.R.A.S. Application

Which my google search finds



http://www.pctools.com/mrc/infections/id/PSWTool.RAS/

Unless I ought to save it OFF the computer?


And the STOPzilla shows up when I run msconfig
Image
oddly so does AVG which was on here prior TO Avast 4 Home; I thought I had completely removed AVG7.5...............

unless I am get to be stuck WITH STOPzilla?
P;3
Regular Member
 
Posts: 664
Joined: May 28th, 2005, 5:02 am
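
One way to cross-check the "Running processes" list against the O4 autostart entries of the HijackThis log in the post above, as an added example that is not part of the original thread. The sample lines are copied from that log; the names `exe_name`, `parse` and `not_running` are this example's own.

```python
import re
from ntpath import basename  # Windows path rules on any host OS

# Lines copied from the HijackThis log posted above (excerpt, not the full log).
SAMPLE_LOG = r"""Running processes:
C:\WINDOWS\SYSTEM\DSLAGENT.EXE
C:\PROGRAM FILES\ALWIL SOFTWARE\AVAST4\ASHWEBSV.EXE

F1 - win.ini: run=C:\WINDOWS\hpfsched.exe
O4 - HKLM\..\Run: [DSLAGENTEXE] dslagent.exe USB
O4 - HKLM\..\Run: [RemHelp] remhelp.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\WINDOWS\SYSTEM\QTTASK.EXE" -atboottime
O4 - HKLM\..\Run: [avast! Web Scanner] C:\PROGRA~1\ALWILS~1\AVAST4\ASHWEBSV.EXE
O4 - Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
"""

ENTRY = re.compile(r"^([A-Z]\d{1,2}) - (.*)$")                 # "O4 - ...", "F1 - ..."
O4_REG = re.compile(r"^(HK\w+\\\.\.\\\w+): \[(.+?)\] (.+)$")   # registry Run keys
O4_LNK = re.compile(r"^((?:Global )?Startup): (.+?) = (.+)$")  # Startup folder links
PROGRAM = re.compile(r'^\s*(?:"([^"]+)"|(.+?\.(?:exe|com|bat|pif|scr))\b)', re.I)

def exe_name(command):
    """Upper-cased file name of the program an autostart command launches."""
    m = PROGRAM.match(command)
    path = (m.group(1) or m.group(2)) if m else command.split()[0]
    return basename(path).upper()

def parse(log):
    """Return (set of running process names, list of O4 autostart entries)."""
    running, autostarts, in_procs = set(), [], False
    for line in map(str.strip, log.splitlines()):
        entry = ENTRY.match(line)
        if line == "Running processes:":
            in_procs = True
        elif entry:
            in_procs = False  # the numbered sections follow the process list
            hit = O4_REG.match(entry.group(2)) or O4_LNK.match(entry.group(2))
            if entry.group(1) == "O4" and hit:
                where, name, cmd = hit.groups()
                autostarts.append({"where": where, "name": name, "exe": exe_name(cmd)})
        elif in_procs and line:
            running.add(basename(line).upper())
    return running, autostarts

def not_running(log):
    """Names of autostart entries whose program is absent from the process list."""
    running, autostarts = parse(log)
    return [a["name"] for a in autostarts if a["exe"] not in running]
```

An entry returned by `not_running` is not necessarily orphaned or suspicious, since some autostart programs exit once their work is done; the list only narrows down which entries to look at by hand.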

Re: Wallpaper changed ; 'Dial up' Box got disabled

Unread postby Dakeyras » July 28th, 2009, 6:23 pm

Hi :)

What ESET flagged does appear to be a FP (False Positive) but it is hard to confirm from just a screen-shot I'm afraid. Plus this is the only online scanner that is still fully (effective with) W98 compatible that I am aware of.

So please check here to see if the ESET log is available and if so post it in your next reply please, thank you.

C:\Program Files\ESET\EsetOnlineScanner\log.txt.

Next:

Referring to the STOPzilla and other former installed applications entries you mentioned, these are merely leftover orphaned registry entries and pose no risk security wise. There will be many such on your system.

Do not be tempted to use any type of registry cleaning application however as they often cause more problems and remove legitimate entries by mistake.

Overall I do not think you have a malware problem. Not a lot else I can advise at this point apart from two options if you really want peace of mind as the amount of specific scanning applications that are W98 compatible is limited to say the least.

Option 1# Perform a reformat and reinstallation of the Windows operating system. If I recall correctly this procedure is fairly fast with W98.

Option 2# Upgrade the operating system to XP SP 2 at minimum.
Dakeyras
MRU Honors Graduate
 
Posts: 8804
Joined: November 21st, 2007, 5:30 am
Location: The Tundra

Re: Wallpaper changed ; 'Dial up' Box got disabled

Unread postby P;3 » July 30th, 2009, 1:51 pm

C:\Program Files\ESET\EsetOnlineScanner\log.txt


that file path does not exist on the computer; I have tried to run the scan in Netscape 7.2 browser but it is not 'happening'

I will attempt a rerun in IE6 and see if I CAN get the log report :idea:
P;3
Regular Member
 
Posts: 664
Joined: May 28th, 2005, 5:02 am

Re: Wallpaper changed ; 'Dial up' Box got disabled

Unread postby Dakeyras » July 31st, 2009, 6:30 am

P;3 wrote:
C:\Program Files\ESET\EsetOnlineScanner\log.txt


that file path does not exist on the computer; I have tried to run the scan in Netscape 7.2 browser but it is not 'happening'

I will attempt a rerun in IE6 and see if I CAN get the log report :idea:
OK that is fine, no reason as to why a report should not be generated :)
Dakeyras
MRU Honors Graduate
 
Posts: 8804
Joined: November 21st, 2007, 5:30 am
Location: The Tundra